package com.miao.auth.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.stereotype.Component;

//之前DaoAuthenticationProvider类中的additionalAuthenticationChecks方法会调用User Detail Service检查请求中的password字段
//现在采用统一接口，将所有信息封装在username字段，而无password字段，所以不让其验证
//而是随后在自己定义的Service中进行校验
@Component
public class DaoAuthenticationProviderCustom extends DaoAuthenticationProvider {

    //子类是一个独立的类，与默认的配置无关
    @Autowired
    public void setUserDetailsService(UserDetailsService userDetailsService) {
        super.setUserDetailsService(userDetailsService);
    }

    //父类在这里会校验密码
    @Override
    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {

    }

}
